On 08/22/2017 08:18 AM, Paolo Bonzini wrote:
> It is a common requirement for virtual machine to send persistent
> reservations, but this currently requires either running QEMU with
> CAP_SYS_RAWIO, or using out-of-tree patches that let an unprivileged
> QEMU bypass Linux's filter on SG_IO commands.
> 
> As an alternative mechanism, the next patches will introduce a
> privileged helper to run persistent reservation commands without
> expanding QEMU's attack surface unnecessarily.

> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---

> +++ b/qapi/block-core.json
> @@ -2191,6 +2191,9 @@
>  # Driver specific block device options for the file backend.
>  #
>  # @filename:    path to the image file
> +# @pr-manager:  the if for the object that will handle persistent reservations

s/if/interface/ for legibility

> +#               for this device (default: forward the commands via SG_IO,
> +#               since 2.11)
>  # @aio:         AIO backend (default: threads) (since: 2.8)
>  # @locking:     whether to enable file locking. If set to 'auto', only enable
>  #               when Open File Descriptor (OFD) locking API is available
> @@ -2200,6 +2203,7 @@
>  ##
>  { 'struct': 'BlockdevOptionsFile',
>    'data': { 'filename': 'str',
> +            '*pr-manager': 'str',
-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org